Identity and Privacy Technologies within the framework of EGIDA

Vicomtech is leading the research of the network regarding identity verification using biometrics, protection against identity fraud, decentralized identities, and privacy protection. This activity was identified as a key issue for the protection of the systems by the organizations members of EGIDA and in fact it is one of the four main technical activities of the excellence network.

Choosing this set of tasks makes it possible to advance in the different aspects of identity management, both in its identification through biometric systems, and in the protection of said systems against attempts to impersonate malicious actors. It is important to note that, although biometric technologies are not new, at present their use has exploded due to their inclusion in mobile phones as a comfortable and viable alternative to traditional keys, and to the portability of sensors: face, voice, footprint, etc. It also highlights the fact that the industry standards themselves indicate that spoofing detection must be carried out in specialized and independent modules, since the evidence shows that identification algorithms are not effective in detecting spoofing attempts.

In addition to biometrics, we also analyze the storage and management of the identity repository following standards, best practices and applying new technologies, trying to return the sovereignty of personal data to its owners. To do this, systems must be created that do not require blind trust in a third party to control identities, but rather the distribution of their storage will be sought, but that leave control of the information to the user.

Finally, the privacy weaknesses that technology currently presents generating a strong impact on people’s trust, will be analyzed. On the one hand, work will be done on the anonymization of personal information, in an intelligent way and considering the context of the data. On the other hand, machine learning models applied to decision-making are acquiring a high relevance. Therefore, the network will also analyze the robustness of the resulting models against attempts to extract the personal information used during their generation. The potential discrimination that certain biases of the model can bring to the people who use them will also be taken into account.

These four objectives are perfectly aligned with the rest of the activities, and allow to rely on the results of the encryption activity, as well as to supply basic technologies that can be used for the identity management of the new distributed systems: IoT, 5G, etc. With all this, a multiplier effect is sought and to achieve a greater dissemination and impact of research in this area.